Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 252381 - www-client/{seamonkey-1.1.14,galeon-2.0.4} - segfault in nsUnknownDecoder::FireListenerNotifications
Summary: www-client/{seamonkey-1.1.14,galeon-2.0.4} - segfault in nsUnknownDecoder::Fi...
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal
Assignee: Mozilla Gentoo Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-12-24 13:11 UTC by xiando
Modified: 2010-07-29 01:11 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Seamonkey 1.1.14 report by BugBuddy (gecko-feilrapport.txt,13.29 KB, text/plain)
2008-12-24 13:25 UTC, xiando
Details
strace galeon 2>galeon.strace.log (galeon.strace.log,1.22 MB, text/plain)
2008-12-27 05:30 UTC, xiando
Details
epiphany 2>epiphany.strace.log (epiphany.strace.log,1.12 MB, text/plain)
2008-12-27 05:32 UTC, xiando
Details
emerge --info (emerge.info.txt,6.18 KB, text/plain)
2008-12-27 05:34 UTC, xiando
Details

Note You need to log in before you can comment on or make changes to this bug.
Description xiando 2008-12-24 13:11:00 UTC
A whole range of browsers now crashses on a few pages when JavaScript is enabled.

This happened after upgrading "something", much likely the xulrunner (or it's deps).

Reproducible: Always

Steps to Reproduce:
dev-libs/nss-3.12.2_rc1
dev-libs/nspr-4.7.3
net-libs/xulrunner-1.8.1.19
net-libs/xulrunner-1.9.1_beta2

1. Unmask everything required for Firefox 3.1 beta2.
2. Enable JavaScript. Plugins or no plugins makes no difference (moved /usr/lib/nsbrowser/plugins/ to check, did not matter).
3. Visit http://thepiratebay.org/top/all 

It's some advertisement stuff used at TPB which made me notice the crash, other pages now crash too. I suspect clicktorrent.info involvement. The advertisements on that page are placed at random, simply reload the page until clicktorrent.info servers the advertisement and watch it crash.

4. Web browser crashes.

Web browsers crashing, including:

www-client/seamonkey-1.1.14
www-client/galeon-2.0.4

It is clear that "nsUnknownDecoder.cpp:" wants some file (or directory) which simply isn't anywhere near my computer. What does it want? Where is it? Nobody admits anything.

Actual Results:  
Web browsers crashing.

Expected Results:  
Web browsers don't crash.

Seamonkey:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb62206f0 (LWP 8996)]
0xb5b5c336 in nsUnknownDecoder::FireListenerNotifications (this=0x8a48a18, request=0x8a67c7c, aCtxt=0x0)
    at nsUnknownDecoder.cpp:656
656     nsUnknownDecoder.cpp: No such file or directory.
        in nsUnknownDecoder.cpp
(gdb) bt
#0  0xb5b5c336 in nsUnknownDecoder::FireListenerNotifications (this=0x8a48a18, request=0x8a67c7c, aCtxt=0x0)
    at nsUnknownDecoder.cpp:656
#1  0xb5b5c568 in nsUnknownDecoder::OnDataAvailable (this=0x8a48a18, request=0x8a67c7c, aCtxt=0x0, 
    aStream=0x8b2db18, aSourceOffset=0, aCount=3361) at nsUnknownDecoder.cpp:192
#2  0xb5b49731 in nsStreamListenerTee::OnDataAvailable (this=0x8ae04f8, request=0x8a67c7c, context=0x0, 
    input=0x8a68878, offset=0, count=4385) at nsStreamListenerTee.cpp:97
#3  0xb5ba5c09 in nsHttpChannel::OnDataAvailable (this=0x8a67c50, request=0x8a689b8, ctxt=0x0, input=0x8a68878, 
    offset=0, count=4385) at nsHttpChannel.cpp:4213
#4  0xb5b2d6f5 in nsInputStreamPump::OnStateTransfer (this=0x8a689b8) at nsInputStreamPump.cpp:494
#5  0xb5b2d888 in nsInputStreamPump::OnInputStreamReady (this=0x8a689b8, stream=0x8a68878)
    at nsInputStreamPump.cpp:397
#6  0xb7f2a05a in nsInputStreamReadyEvent::EventHandler (plevent=0x8a68a14) at nsStreamUtils.cpp:120
#7  0xb7f45cf7 in PL_HandleEvent (self=0x8a68a14) at plevent.c:688
#8  0xb7f45ffd in PL_ProcessPendingEvents (self=0x8226368) at plevent.c:623
#9  0xb7f48098 in nsEventQueueImpl::ProcessPendingEvents (this=0x80ee378) at nsEventQueue.cpp:448
#10 0xb4c05495 in event_processor_callback (source=0x835f408, condition=G_IO_IN, data=0x0) at nsAppShell.cpp:67
#11 0xb76625fe in ?? () from /usr/lib/libglib-2.0.so.0
#12 0x0835f408 in ?? ()
#13 0x00000001 in ?? ()
#14 0x080ee378 in ?? ()
#15 0x00000000 in ?? ()
(gdb) 



Galeon:
(gdb) run
Starting program: /usr/bin/galeon 
[Thread debugging using libthread_db enabled]
[New Thread 0xb4faca00 (LWP 23710)]
[New Thread 0xb4802b90 (LWP 23714)]

(galeon:23710): Gtk-WARNING **: Failed to set text from markup due to error parsing markup: Feil på linje 1 tegn 89: Element «markup» ble lukket, men aktivt åpent element er «b»

(galeon:23710): Gtk-WARNING **: Failed to set text from markup due to error parsing markup: Feil på linje 1 tegn 89: Element «markup» ble lukket, men aktivt åpent element er «b»

** (galeon:23710): CRITICAL **: radio_group_set_from_value: assertion `action != NULL' failed
[New Thread 0xb2d3bb90 (LWP 23758)]
[New Thread 0xb253ab90 (LWP 23769)]
[New Thread 0xb1d39b90 (LWP 23770)]
[New Thread 0xb1538b90 (LWP 23819)]
[Thread 0xb1538b90 (LWP 23819) exited]
[New Thread 0xb0d37b90 (LWP 23820)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb4faca00 (LWP 23710)]
0xb6117c06 in nsUnknownDecoder::FireListenerNotifications (this=0x857ca08, request=0x87ef02c, aCtxt=0x0)
    at nsUnknownDecoder.cpp:656
656     nsUnknownDecoder.cpp: No such file or directory.
        in nsUnknownDecoder.cpp
Current language:  auto; currently c++
(gdb) bt
#0  0xb6117c06 in nsUnknownDecoder::FireListenerNotifications (this=0x857ca08, request=0x87ef02c, aCtxt=0x0)
    at nsUnknownDecoder.cpp:656
#1  0xb6117e20 in nsUnknownDecoder::OnDataAvailable (this=0x857ca08, request=0x87ef02c, aCtxt=0x0, 
    aStream=0x873a1d8, aSourceOffset=0, aCount=3361) at nsUnknownDecoder.cpp:192
#2  0xb61050d1 in nsStreamListenerTee::OnDataAvailable (this=0x8857060, request=0x87ef02c, context=0x0, 
    input=0x87efb28, offset=0, count=4385) at nsStreamListenerTee.cpp:97
#3  0xb6160f59 in nsHttpChannel::OnDataAvailable (this=0x87ef000, request=0x87efc28, ctxt=0x0, input=0x87efb28, 
    offset=0, count=4385) at nsHttpChannel.cpp:4213
#4  0xb60e9245 in nsInputStreamPump::OnStateTransfer (this=0x87efc28) at nsInputStreamPump.cpp:494
#5  0xb60e93c0 in nsInputStreamPump::OnInputStreamReady (this=0x87efc28, stream=0x87efb28)
    at nsInputStreamPump.cpp:397
#6  0xb5ffff0a in nsInputStreamReadyEvent::EventHandler (plevent=0x87efcc4) at nsStreamUtils.cpp:120
#7  0xb601bad7 in PL_HandleEvent (self=0x87efcc4) at plevent.c:688
#8  0xb601bddd in PL_ProcessPendingEvents (self=0x831ccb8) at plevent.c:623
#9  0xb601d978 in nsEventQueueImpl::ProcessPendingEvents (this=0x831cc70) at nsEventQueue.cpp:448
#10 0xb68ca045 in event_processor_callback (source=0x83d26e8, condition=G_IO_IN, data=0x0) at nsAppShell.cpp:67
#11 0xb6d785fe in ?? () from /usr/lib/libglib-2.0.so.0
#12 0x083d26e8 in ?? ()
#13 0x00000001 in ?? ()
#14 0x0831cc70 in ?? ()
#15 0x00000000 in ?? ()


Epiphany:
Starting program: /usr/bin/epiphany 
[Thread debugging using libthread_db enabled]
[New Thread 0xb5018920 (LWP 25485)]
[New Thread 0xb39b4b90 (LWP 25489)]
[New Thread 0xb2eb9b90 (LWP 25490)]
[New Thread 0xb26b8b90 (LWP 25491)]
[New Thread 0xb1e57b90 (LWP 25846)]

** (epiphany:25485): WARNING **: No word lists can be found for the language "nb".

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb5018920 (LWP 25485)]
0xb60cec06 in nsUnknownDecoder::FireListenerNotifications (this=0x8815480, request=0x87e722c, aCtxt=0x0)
    at nsUnknownDecoder.cpp:656
656     nsUnknownDecoder.cpp: No such file or directory.
        in nsUnknownDecoder.cpp
Current language:  auto; currently c++
(gdb) bt
#0  0xb60cec06 in nsUnknownDecoder::FireListenerNotifications (this=0x8815480, request=0x87e722c, aCtxt=0x0)
    at nsUnknownDecoder.cpp:656
#1  0xb60cee20 in nsUnknownDecoder::OnDataAvailable (this=0x8815480, request=0x87e722c, aCtxt=0x0, 
    aStream=0x87e8d10, aSourceOffset=0, aCount=3361) at nsUnknownDecoder.cpp:192
#2  0xb60bc0d1 in nsStreamListenerTee::OnDataAvailable (this=0x89205f0, request=0x87e722c, context=0x0, 
    input=0x87e7d40, offset=0, count=4385) at nsStreamListenerTee.cpp:97
#3  0xb6117f59 in nsHttpChannel::OnDataAvailable (this=0x87e7200, request=0x87e7e80, ctxt=0x0, input=0x87e7d40, 
    offset=0, count=4385) at nsHttpChannel.cpp:4213
#4  0xb60a0245 in nsInputStreamPump::OnStateTransfer (this=0x87e7e80) at nsInputStreamPump.cpp:494
#5  0xb60a03c0 in nsInputStreamPump::OnInputStreamReady (this=0x87e7e80, stream=0x87e7d40)
    at nsInputStreamPump.cpp:397
#6  0xb5fb6f0a in nsInputStreamReadyEvent::EventHandler (plevent=0x87e7f1c) at nsStreamUtils.cpp:120
#7  0xb5fd2ad7 in PL_HandleEvent (self=0x87e7f1c) at plevent.c:688
#8  0xb5fd2ddd in PL_ProcessPendingEvents (self=0x83dc1a8) at plevent.c:623
#9  0xb5fd4978 in nsEventQueueImpl::ProcessPendingEvents (this=0x83dc160) at nsEventQueue.cpp:448
#10 0xb6881045 in event_processor_callback (source=0x84809f8, condition=G_IO_IN, data=0x0) at nsAppShell.cpp:67
#11 0xb6d2f5fe in ?? () from /usr/lib/libglib-2.0.so.0
#12 0x084809f8 in ?? ()
#13 0x00000001 in ?? ()
#14 0x083dc160 in ?? ()
#15 0x00000000 in ?? ()
(gdb) 


I *strongly* suspect that bug #252302 is very related as this is much likely caused by xulrunner or something else used by all the gecko based browsers. I do not have the Firefox 3.0.5, so I can't say for sure.


(un)interesting note, mostly to myself: URL "http://clicktorrent.info/phpAdsNew/adjs.php?n=4" contains:
-------START-------
var phpadsbanner = '';

phpadsbanner += '<'+'script language="Javascript" src="http://ilead.itrack.it/clients/script.aspx?campaignid=7237&websiteid=9053&scriptid=39383&subwebsiteid="><'+'/script>\n<'+'div id="beacon_1279" style="position: absolute; left: 0px; top: 0px; visibility: hidden;"><'+'img src=\'http://clicktorrent.info/phpAdsNew/adlog.php?bannerid=1279&amp;clientid=485&amp;zoneid=0&amp;source=&amp;block=0&amp;capping=0&amp;cb=e8f9aabfe011ff0961282629529142db\' width=\'0\' height=\'0\' alt=\'\' style=\'width: 0px; height: 0px;\'><'+'/div>';

document.write(phpadsbanner);
-------END-------

(being able to make a testcase which crashes every time would be nice)
Comment 1 xiando 2008-12-24 13:25:30 UTC
Created attachment 176295 [details]
Seamonkey 1.1.14 report by BugBuddy

A BugBuddy report when Seamonkey 1.1.14 crashes.
Comment 2 xiando 2008-12-24 13:28:23 UTC
The terminal actually wrote

 /usr/libexec/gecko: No such file or directory.

when Seamonkey 1.1.14 crashed. I have no such file... why would Seamonkey want it? Could lack of this file / seamonkey wanting it be the crash reason?
Comment 3 Wormo (RETIRED) gentoo-dev 2008-12-25 07:13:37 UTC
Please post your 'emerge --info' in case it matters, and try getting a strace log of the crash to show what file is not being found.
Comment 4 xiando 2008-12-27 05:30:04 UTC
Created attachment 176478 [details]
strace galeon 2>galeon.strace.log
Comment 5 xiando 2008-12-27 05:32:23 UTC
Created attachment 176480 [details]
epiphany 2>epiphany.strace.log
Comment 6 xiando 2008-12-27 05:34:36 UTC
Created attachment 176482 [details]
emerge --info
Comment 7 xiando 2008-12-27 05:39:18 UTC
gettimeofday({1230355461, 25276}, NULL) = 0
open("/usr/lib/gconv/CP1252.so", O_RDONLY) = 30
read(30, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\3\0\0004\0\0\0\320"..., 512) = 512
fstat64(30, {st_mode=S_IFREG|0755, st_size=9400, ...}) = 0
mmap2(NULL, 12316, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 30, 0) = 0xb15e5000
mmap2(0xb15e7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 30, 0x1) = 0xb15e7000
close(30)                               = 0
mprotect(0xb15e7000, 4096, PROT_READ)   = 0
gettimeofday({1230355461, 27583}, NULL) = 0
time(NULL)                              = 1230355461
brk(0x89b5000)                          = 0x89b5000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---

1. I have no idea how to read a strace log.
2. It appears that open("/usr/lib/gconv/CP1252.so" is the last file opened before SIGSEGV. sys-libs/glibc-2.6.1 involvement indicated.

I hope this information may provide additional clues. Please tell me if more information is required and how to produce it.
Comment 8 Lukas Zavodny 2009-02-17 11:02:07 UTC
I can confirm that this bug is still reality. All browser which aren't base on xulrunner 1.9 are crashing with some page scripts (www.tinypic.com). I am using ~x86 global.
Comment 9 Martin Mokrejš 2009-11-13 13:05:30 UTC
(In reply to comment #2)
> The terminal actually wrote
> 
>  /usr/libexec/gecko: No such file or directory.
> 
> when Seamonkey 1.1.14 crashed. I have no such file... why would Seamonkey want
> it? Could lack of this file / seamonkey wanting it be the crash reason?
> 

Does this still happen? The /usr/bin/seamonkey is a wrapper shell script executing a binary like /usr/lib/seamonkey/*-bin. It depends I think how the --configure flags were called, there is --enable-application=suite but other values exist as well. that results in different binary file names. That is I think where your problem appears. I guess you have seamonkey shell script in /usr/bin and /usr/lib/seamonkey/seamonkey-bin while some shell script look for gecko binary or shell-script.

Maybe try
# cd /usr/lib/seamonkey
# find . -type f | xargs grep gecko

or something similar to find the file referring to it.

And maybe re-install to see what configure flags were used to build the application.
Comment 10 Jory A. Pratt gentoo-dev 2010-07-29 01:11:03 UTC
(In reply to comment #9)
> (In reply to comment #2)
> > The terminal actually wrote
> > 
> >  /usr/libexec/gecko: No such file or directory.
> > 
> > when Seamonkey 1.1.14 crashed. I have no such file... why would Seamonkey want
> > it? Could lack of this file / seamonkey wanting it be the crash reason?
> > 
> 
> Does this still happen? The /usr/bin/seamonkey is a wrapper shell script
> executing a binary like /usr/lib/seamonkey/*-bin. It depends I think how the
> --configure flags were called, there is --enable-application=suite but other
> values exist as well. that results in different binary file names. That is I
> think where your problem appears. I guess you have seamonkey shell script in
> /usr/bin and /usr/lib/seamonkey/seamonkey-bin while some shell script look for
> gecko binary or shell-script.
> 
> Maybe try
> # cd /usr/lib/seamonkey
> # find . -type f | xargs grep gecko
> 
> or something similar to find the file referring to it.
> 
> And maybe re-install to see what configure flags were used to build the
> application.
> 

Bug has gone stale reopen if you can duplicate with a current browser/gecko